Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/40fdd1-1092-4f69-b648-691ff5b44b01/1/EFpp1ecMW8TWRG-p4oYa7fPPvPI.roa
File: EFpp1ecMW8TWRG-p4oYa7fPPvPI.roa (raw, json)
Hash identifier: a7nT0f4Aii6pfEA07RoNM/fESmlRPCmSXyaPHHhHtfc=
Subject key identifier: 10:5A:69:D5:E7:0C:5B:C4:D6:44:6F:A9:E2:86:1A:ED:F3:CF:BC:F2
Certificate issuer: /CN=1e9fdc7fb39ebbbed4ee54f703d3ac6153ddee69
Certificate serial: 01966CAFEA987A0478317789C5871FCC0FFC
Authority key identifier: 1E:9F:DC:7F:B3:9E:BB:BE:D4:EE:54:F7:03:D3:AC:61:53:DD:EE:69
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Hp_cf7Oeu77U7lT3A9OsYVPd7mk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/40fdd1-1092-4f69-b648-691ff5b44b01/1/EFpp1ecMW8TWRG-p4oYa7fPPvPI.roa
Signing time: Fri 25 Apr 2025 11:23:10 +0000
ROA not before: Fri 25 Apr 2025 11:23:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48031
IP address blocks: 45.134.156.0/22 maxlen: 24
45.134.158.0/24 maxlen: 24
45.134.159.0/24 maxlen: 24
78.136.248.0/22 maxlen: 24
88.204.40.0/21 maxlen: 24
185.232.16.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/59/40fdd1-1092-4f69-b648-691ff5b44b01/1/Hp_cf7Oeu77U7lT3A9OsYVPd7mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/59/40fdd1-1092-4f69-b648-691ff5b44b01/1/Hp_cf7Oeu77U7lT3A9OsYVPd7mk.mft
rsync://rpki.ripe.net/repository/DEFAULT/Hp_cf7Oeu77U7lT3A9OsYVPd7mk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 28 Apr 2025 14:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:6c:af:ea:98:7a:04:78:31:77:89:c5:87:1f:cc:0f:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e9fdc7fb39ebbbed4ee54f703d3ac6153ddee69
Validity
Not Before: Apr 25 11:23:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=105a69d5e70c5bc4d6446fa9e2861aedf3cfbcf2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:eb:d0:bc:fd:fb:67:2d:62:30:98:24:a1:6a:
39:e4:b3:5b:91:a5:d1:51:7c:a2:62:43:63:77:25:
eb:6f:1d:d0:9e:2d:96:a1:37:9e:f7:a6:46:fb:97:
58:fb:85:02:40:b6:74:d5:54:fb:7e:44:c6:49:09:
4f:3c:d6:a4:fb:23:34:ce:f7:a8:ac:b0:26:3a:4b:
52:c3:1b:ab:23:e7:6b:da:6c:e5:e0:9a:e6:6d:8b:
b2:70:8b:30:10:7b:46:47:0c:76:da:e7:55:e0:35:
9c:85:a3:d8:68:fa:50:00:7a:e1:3d:4c:ea:9c:42:
a7:5e:bf:e8:db:9d:31:06:6a:a5:c3:5d:fe:06:32:
01:18:f5:77:17:6a:d7:0b:6b:f2:c5:02:0a:23:69:
be:19:58:bc:2f:7d:c7:87:92:e5:ad:f4:f6:d2:68:
40:4a:af:f0:bc:8e:7b:af:a2:87:5d:0a:dc:ca:75:
3b:56:9c:ab:8e:67:84:57:65:de:50:f5:0d:7e:6d:
99:eb:d2:b6:f0:c8:5e:64:f1:66:20:31:a9:69:93:
b6:bd:33:3d:e8:c9:9d:de:93:e3:24:03:b8:a3:aa:
ef:b0:d6:00:61:f8:3c:9e:de:83:55:e1:54:4e:f3:
98:50:fb:50:2d:78:34:80:3b:e3:bb:67:4b:2f:d4:
9f:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:5A:69:D5:E7:0C:5B:C4:D6:44:6F:A9:E2:86:1A:ED:F3:CF:BC:F2
X509v3 Authority Key Identifier:
keyid:1E:9F:DC:7F:B3:9E:BB:BE:D4:EE:54:F7:03:D3:AC:61:53:DD:EE:69
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Hp_cf7Oeu77U7lT3A9OsYVPd7mk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/40fdd1-1092-4f69-b648-691ff5b44b01/1/EFpp1ecMW8TWRG-p4oYa7fPPvPI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/40fdd1-1092-4f69-b648-691ff5b44b01/1/Hp_cf7Oeu77U7lT3A9OsYVPd7mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.134.156.0/22
78.136.248.0/22
88.204.40.0/21
185.232.16.0/24
Signature Algorithm: sha256WithRSAEncryption
7f:e6:b8:85:7d:0e:cb:ba:7d:77:1e:1b:0d:71:8e:e8:69:db:
65:f6:24:f8:04:74:9a:46:c6:06:fa:dc:74:2c:b4:a3:1c:f0:
7b:c4:4d:48:84:8d:c3:6d:0a:ac:ef:ce:36:7e:09:c5:e6:6c:
6c:fb:2e:29:28:a6:c1:54:ad:67:a2:8b:18:14:65:75:05:fb:
20:c4:ad:89:b8:67:85:ac:e0:95:7b:9a:68:85:ed:06:42:62:
72:b1:b8:5f:85:27:4f:50:d9:09:fe:8b:fd:09:f6:07:5b:c4:
f6:c8:3f:c7:bb:12:ee:09:cb:bf:79:75:7f:14:95:6f:b7:b0:
8b:fa:a5:3d:6f:e5:87:09:50:d4:95:86:20:0a:04:34:5c:2a:
92:12:14:56:58:4b:97:cb:b7:47:bc:97:00:c7:b2:b6:2e:50:
33:4c:cd:5d:65:88:d4:00:cf:78:d0:b9:92:eb:11:e6:e3:45:
97:70:ab:6c:64:2a:32:a2:6c:42:ac:6d:e7:41:63:9b:32:46:
33:cf:87:03:e6:dd:86:38:7d:44:04:a4:ea:83:12:3b:48:f4:
b1:30:e3:4c:3a:75:c4:47:de:52:3e:a9:af:a2:65:24:fc:30:
7b:cb:a3:84:2b:71:77:30:0b:c2:e2:55:3c:3d:d5:60:c9:1f:
12:c7:17:c5
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZZsr+qYegR4MXeJxYcfzA/8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlOWZkYzdmYjM5ZWJiYmVkNGVlNTRmNzAzZDNhYzYxNTNk
ZGVlNjkwHhcNMjUwNDI1MTEyMzEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMDVhNjlkNWU3MGM1YmM0ZDY0NDZmYTllMjg2MWFlZGYzY2ZiY2YyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsuvQvP37Zy1iMJgkoWo55LNbkaXR
UXyiYkNjdyXrbx3Qni2WoTee96ZG+5dY+4UCQLZ01VT7fkTGSQlPPNak+yM0zveo
rLAmOktSwxurI+dr2mzl4JrmbYuycIswEHtGRwx22udV4DWchaPYaPpQAHrhPUzq
nEKnXr/o250xBmqlw13+BjIBGPV3F2rXC2vyxQIKI2m+GVi8L33Hh5LlrfT20mhA
Sq/wvI57r6KHXQrcynU7VpyrjmeEV2XeUPUNfm2Z69K28MheZPFmIDGpaZO2vTM9
6Mmd3pPjJAO4o6rvsNYAYfg8nt6DVeFUTvOYUPtQLXg0gDvju2dLL9SfFwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFBBaadXnDFvE1kRvqeKGGu3zz7zyMB8GA1UdIwQY
MBaAFB6f3H+znru+1O5U9wPTrGFT3e5pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHBfY2Y3T2V1NzdVN2xUM0E5T3NZVlBkN21rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS80MGZkZDEtMTA5Mi00ZjY5LWI2NDgt
NjkxZmY1YjQ0YjAxLzEvRUZwcDFlY01XOFRXUkctcDRvWWE3ZlBQdlBJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS80MGZkZDEtMTA5Mi00ZjY5LWI2NDgtNjkxZmY1YjQ0YjAx
LzEvSHBfY2Y3T2V1NzdVN2xUM0E5T3NZVlBkN21rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCLYacAwQC
Toj4AwQDWMwoAwQAuegQMA0GCSqGSIb3DQEBCwUAA4IBAQB/5riFfQ7Lun13HhsN
cY7oadtl9iT4BHSaRsYG+tx0LLSjHPB7xE1IhI3DbQqs7842fgnF5mxs+y4pKKbB
VK1noosYFGV1BfsgxK2JuGeFrOCVe5pohe0GQmJysbhfhSdPUNkJ/ov9CfYHW8T2
yD/HuxLuCcu/eXV/FJVvt7CL+qU9b+WHCVDUlYYgCgQ0XCqSEhRWWEuXy7dHvJcA
x7K2LlAzTM1dZYjUAM940LmS6xHm40WXcKtsZCoyomxCrG3nQWObMkYzz4cD5t2G
OH1EBKTqgxI7SPSxMONMOnXER95SPqmvomUk/DB7y6OEK3F3MAvC4lU8PdVgyR8S
xxfF
-----END CERTIFICATE-----
Generated at Sun Apr 27 23:01:58 2025 by rpki-client